[UNCLASSIFIED]RE: [clug] Detecting malicious former employees
Tomasz Ciolek
tmc at vandradlabs.com.au
Tue Sep 12 03:14:01 GMT 2006
Thats the way...
But simple questions are:
1. what are you protecting from?
2. what are you mitigating against?
3. is it cheaper/feasible to not secure it, and wear the fallout?
Answer those and that dicates the lengths you go to...
Tomasz
On Tue, Sep 12, 2006 at 01:09:16PM +1000, Alex Satrapa wrote:
> On 12 Sep 2006, at 12:47, Michael Still wrote:
>
> >You also need to rename their .ssh/authorized_keys file, or ssh
> >will allow execution of programs (I think. I need to test this).
>
> Ideally, you'd have some way of generating authorized_keys files
> based on known trusted keys. After all, a truly malicious
> administrator might go generating fake keys for "trusted" employees,
> eg: I could go putting my fake keys into Bob and Charli's accounts,
> so that after my account was disabled I still have SSH access to the
> system using other people's accounts.
>
> Wow... once you start getting paranoid, security gets more and more
> expensive!
>
> Alex
>
> --
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
--
Tomasz M. Ciolek
*******************************************************************************
tmc at vandradlabs dot com dot au
*******************************************************************************
GPG Key ID: 0x41C4C2F0
GPG Key Fingerprint: 3883 B308 8256 2246 D3ED A1FF 3A1D 0EAD 41C4 C2F0
Key available on good key-servers
*******************************************************************************
More information about the linux
mailing list